Race Condition Vulnerability in Google Chrome DevTools
CVE-2026-2319

7.5HIGH

Key Information:

Vendor: Google
Status: Chrome
Vendor: CVE Published:; 11 February 2026

What is CVE-2026-2319?

A race condition vulnerability in the DevTools of Google Chrome prior to version 145.0.7632.45 can be exploited by a remote attacker. By persuading a user to perform specific user interface gestures and to install a malicious extension, the attacker might exploit an object corruption vulnerability via malicious files. This flaw highlights the importance of user caution when installing extensions and interacting with browser developer tools.

Affected Version(s)

Chrome 145.0.7632.45

References

https://chromereleases.googleblog.com/2026/02/stable-chan...

https://issues.chromium.org/issues/40071155

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 11, 2026
Vulnerability Reserved
Feb 10, 2026

CVE-2026-2319 Data

JSON